Jul -- News: Wide-spread ransomware "WannaCry" (and also the exploit that's in every Windows ever)

Register - Login
Views: 99392383	Main - Memberlist - Active users - Calendar - Wiki - IRC Chat - Online users Ranks - Rules/FAQ - Stats - Latest Posts - Color Chart - Smilies	04-24-22 10:07:05 AM

Jul - News - Wide-spread ransomware "WannaCry" (and also the exploit that's in every Windows ever)

Next newer thread | Next older thread

RanAS
Member
Level: 55

Posts: 241/844
EXP: 1286469
For next: 27720

Since: 10-10-14

From: São Paulo, Brazil

Since last post: 1 day
Last activity: 1 day

Posted on 05-14-17 10:17:49 AM

Link | Quote

Wikipedia article.

You've probably already heard of this. Then again, you should, it's kinda bad.

An exploit known as EternalBlue was used by the NSA to invade computers running Windows for quite some time now. On March 14th, a Windows Update patch was made available for Vista, 7, 8.1 and 10. On April 14th, the exploit was leaked on the internet by a hacker group. And two days ago, on May 12th, a widespread ransomware that used that exploit spread very quickly throughout the world, taking down systems from organizations such as FedEx, Renault, Telefónica and even a part of the government in the state of São Paulo, Brazil. After the attack, Microsoft released a patch for older systems such as Windows XP, Server 2003 and Windows 8.0.

The attack was mostly controlled due to what is believed to be a programming mistake, thankfully. The program tries to connect to a website that doesn't exist and send data to it. Someone registered the domain to analyze the data and the program is now having a harder time spreading from system to system. There's been warnings, though, that other variations can and probably will be made without this error, and unpatched systems should still be patched as soon as possible.

These are very recent news so there might be some inaccuracies here and there, so I recommend doing some reading about it if you can. Now's one of the few times where we might actually have to install an Windows Update, for those of us that like to keep it disabled most of the time. Make sure you keep shady telemetry updates away though (not many and I believe they're all optional updates, there's a few lists of them online if you want to know which ones to avoid).

Here's a few links to some Microsoft sites, regarding the vulnerability patch:

For Windows Vista, 7, 8.1, 10 and Server (2008, 2012 and 2016): Link
For Windows XP, 8 and Server 2003: Link

einstein95
Member
Level: 37

Posts: 286/318
EXP: 325772
For next: 12481

Since: 04-11-13

Since last post: 3.3 years
Last activity: 3.3 years

Posted on 05-14-17 10:22:40 AM

Link | Quote

And as of today, there are reports that there are versions that lack the website check.

____________________
Sometimes I English very well but sometimes no.

Zero One
5170

And as we fall the spirit carries on,
That a hero'll come and save us all,
As we call the ones we left below,
We all dream of the day we rise above
Level: 129

Posts: 5039/5173
EXP: 24546720
For next: 502934

Since: 05-24-10

From: Delta Quadrant

Since last post: 1.6 years
Last activity: 121 days

Posted on 05-14-17 05:12:22 PM

Link | Quote

Yep, updated versions have been released that lack the killswitch. Make sure you keep your systems up to date!

____________________
This is a Heisenberg post. I know I posted this really fast, but I don't know where...

My games development portfolio and my MonoTroid engine

My YouTube Channel
My Twitch. Check it! 3DS Code: 2879-0110-5138

SamEarl13

Nipper Plant
Trying (and failing) to learn Lua.
Level: 43

Posts: 408/419
EXP: 523211
For next: 41835

Since: 02-14-12

Since last post: 4.1 years
Last activity: 8 days

Posted on 05-14-17 07:48:56 PM

Link | Quote

Sad that this stuff doesn't surprise me, the NSA want all these different companies to build backdoors into things despite the fact that they're obviously not going to be the only people using them

____________________
I'll get back to contributing to the wiki soon I promise.

Cuber456

Fuzzy
Don't mind me. Just passing through.
Level: 56

Posts: 728/776
EXP: 1317934
For next: 80242

Since: 02-19-12

From: Everywhere at once.

Since last post: 4.2 years
Last activity: 122 days

Posted on 05-15-17 01:21:09 AM

Link | Quote

Now is a good time as any to backup your hard drive(s).

Gabu

Star Mario
Placeholder Ikachan until :effort: is found
Level: 172

Posts: 9600/9981
EXP: 67924496
For next: 177738

Since: 08-10-09

Pronouns: they/them, she/her
From: Santa Cruisin' USA

Since last post: 47 days
Last activity: 8 days

Posted on 05-16-17 02:33:08 PM

Link | Quote

                                                And probably not so much getting a new laptop.

                                                Thought it was bad, had a special announcement at work last Friday on the PA regarding a security update, implying IT would be working over the weekend as well, and I kinda put two and two together with the news, but I didn't think it was this bad.

                                                ____________________

dotUser
From the Grave
Level: 91

Posts: 2201/2357
EXP: 7419785
For next: 49127

Since: 10-20-10

Pronouns: she/her
From: a particularly peculiar tiny store's back shelf

Since last post: 25 days
Last activity: 9 days

Posted on 05-17-17 11:39:27 AM

Link | Quote

GNU dotUser 2.1.2-git File: ~/.user/makepost.py

The vulnerability it exploits is something Microsoft has been wanting to kill for a long time now, too. So on top of patching, may as well just disable the entire feature (SMBv1 Protocol or whatever, ancient server communication method that should be long gone by now anyway)

____________________

^W Web	^B Tumblr	^	^	^	^
^T Twitter	^P ~town	^	^	^	^

Cuber456

Fuzzy
Don't mind me. Just passing through.
Level: 56

Posts: 729/776
EXP: 1317934
For next: 80242

Since: 02-19-12

From: Everywhere at once.

Since last post: 4.2 years
Last activity: 122 days

Posted on 05-18-17 12:18:46 AM

Link | Quote

Originally posted by dotUser
may as well just disable the entire feature (SMBv1 Protocol or whatever, ancient server communication method that should be long gone by now anyway)

That's what I did. Googling what it was, it looked ancient and I figured disabling it probably wouldn't break much. If it does then I'll cross that bridge when I come to it.

Next newer thread | Next older thread

Jul - News - Wide-spread ransomware "WannaCry" (and also the exploit that's in every Windows ever)

Rusted Logic

Warning: You are using TidyHTML mode! Pages MAY and probably WILL break. To disable, click here or append 'xxx-off=1' to the URL!

Capturing turf before it was cool (click to hide in future page loads)

32 database queries, 1 query cache hits.

Query execution time:	0.089027 seconds
Script execution time:	0.015427 seconds
Total render time:	0.104454 seconds

TidyHTML vomit below

line 1 column 1 - Warning: missing <!DOCTYPE> declaration
line 2 column 301 - Warning: unescaped & or unknown entity "&page"
line 119 column 11 - Warning: <form> isn't allowed in <table> elements
line 118 column 10 - Info: <table> previously mentioned
line 120 column 11 - Warning: missing <tr>
line 120 column 119 - Warning: missing </font> before </td>
line 124 column 16 - Warning: plain text isn't allowed in <tr> elements
line 120 column 11 - Info: <tr> previously mentioned
line 125 column 68 - Warning: missing </nobr> before </td>
line 141 column 68 - Warning: missing </nobr> before <tr>
line 147 column 35 - Warning: missing <tr>
line 147 column 50 - Warning: missing </font> before </td>
line 148 column 37 - Warning: unescaped & or unknown entity "&id"
line 147 column 247 - Warning: missing </font> before </table>
line 149 column 35 - Warning: missing <tr>
line 149 column 50 - Warning: missing </font> before </td>
line 149 column 91 - Warning: missing </font> before </table>
line 156 column 9 - Warning: <div> isn't allowed in <table> elements
line 152 column 17 - Info: <table> previously mentioned
line 158 column 9 - Warning: missing <tr>
line 176 column 13 - Warning: missing <tr>
line 177 column 102 - Warning: unescaped & or unknown entity "&postid"
line 195 column 9 - Warning: <div> isn't allowed in <table> elements
line 152 column 17 - Info: <table> previously mentioned
line 197 column 9 - Warning: missing <tr>
line 215 column 13 - Warning: missing <tr>
line 216 column 102 - Warning: unescaped & or unknown entity "&postid"
line 221 column 9 - Warning: <div> isn't allowed in <table> elements
line 152 column 17 - Info: <table> previously mentioned
line 223 column 9 - Warning: missing <tr>
line 241 column 13 - Warning: missing <tr>
line 242 column 102 - Warning: unescaped & or unknown entity "&postid"
line 244 column 366 - Warning: <td> attribute "tahoma"," lacks value
line 244 column 366 - Warning: <td> attribute with missing trailing quote mark
line 253 column 9 - Warning: <div> isn't allowed in <table> elements
line 152 column 17 - Info: <table> previously mentioned
line 255 column 9 - Warning: missing <tr>
line 273 column 13 - Warning: missing <tr>
line 274 column 102 - Warning: unescaped & or unknown entity "&postid"
line 279 column 9 - Warning: <div> isn't allowed in <table> elements
line 152 column 17 - Info: <table> previously mentioned
line 281 column 9 - Warning: missing <tr>
line 299 column 13 - Warning: missing <tr>
line 300 column 102 - Warning: unescaped & or unknown entity "&postid"
line 305 column 9 - Warning: <div> isn't allowed in <table> elements
line 152 column 17 - Info: <table> previously mentioned
line 307 column 9 - Warning: missing <tr>
line 325 column 13 - Warning: missing <tr>
line 326 column 102 - Warning: unescaped & or unknown entity "&postid"
line 328 column 314 - Warning: missing </div>
line 330 column 924 - Warning: discarding unexpected </div>
line 330 column 930 - Warning: discarding unexpected </td>
line 333 column 9 - Warning: <div> isn't allowed in <table> elements
line 152 column 17 - Info: <table> previously mentioned
line 335 column 9 - Warning: missing <tr>
line 353 column 13 - Warning: missing <tr>
line 354 column 102 - Warning: unescaped & or unknown entity "&postid"
line 356 column 74 - Warning: <link> isn't allowed in <td> elements
line 356 column 9 - Info: <td> previously mentioned
line 359 column 9 - Warning: <div> isn't allowed in <table> elements
line 152 column 17 - Info: <table> previously mentioned
line 361 column 9 - Warning: missing <tr>
line 379 column 13 - Warning: missing <tr>
line 380 column 102 - Warning: unescaped & or unknown entity "&postid"
line 386 column 17 - Warning: missing <tr>
line 386 column 17 - Warning: discarding unexpected <table>
line 389 column 35 - Warning: missing <tr>
line 389 column 50 - Warning: missing </font> before </td>
line 389 column 91 - Warning: missing </font> before </table>
line 391 column 35 - Warning: missing <tr>
line 391 column 50 - Warning: missing </font> before </td>
line 392 column 37 - Warning: unescaped & or unknown entity "&id"
line 391 column 247 - Warning: missing </font> before </table>
line 393 column 17 - Warning: discarding unexpected </textarea>
line 393 column 28 - Warning: discarding unexpected </form>
line 393 column 35 - Warning: discarding unexpected </embed>
line 393 column 43 - Warning: discarding unexpected </noembed>
line 393 column 53 - Warning: discarding unexpected </noscript>
line 393 column 64 - Warning: discarding unexpected </noembed>
line 393 column 74 - Warning: discarding unexpected </embed>
line 393 column 82 - Warning: discarding unexpected </table>
line 393 column 90 - Warning: discarding unexpected </table>
line 395 column 9 - Warning: missing </font> before <table>
line 407 column 25 - Warning: discarding unexpected </font>
line 416 column 57 - Warning: discarding unexpected </font>
line 394 column 1 - Warning: missing </center>
line 120 column 63 - Warning: <img> lacks "alt" attribute
line 125 column 19 - Warning: <td> attribute "width" has invalid value "120px"
line 125 column 93 - Warning: <img> lacks "alt" attribute
line 141 column 19 - Warning: <td> attribute "width" has invalid value "120px"
line 141 column 98 - Warning: <img> lacks "alt" attribute
line 148 column 43 - Warning: <img> proprietary attribute value "absmiddle"
line 148 column 140 - Warning: <img> proprietary attribute value "absmiddle"
line 148 column 244 - Warning: <img> proprietary attribute value "absmiddle"
line 161 column 22 - Warning: <img> lacks "alt" attribute
line 161 column 63 - Warning: <img> lacks "alt" attribute
line 161 column 112 - Warning: <img> lacks "alt" attribute
line 161 column 162 - Warning: <img> lacks "alt" attribute
line 162 column 11 - Warning: <img> lacks "alt" attribute
line 172 column 15 - Warning: <img> lacks "alt" attribute
line 200 column 22 - Warning: <img> lacks "alt" attribute
line 200 column 63 - Warning: <img> lacks "alt" attribute
line 200 column 112 - Warning: <img> lacks "alt" attribute
line 200 column 162 - Warning: <img> lacks "alt" attribute
line 211 column 15 - Warning: <img> lacks "alt" attribute
line 225 column 16 - Warning: <img> proprietary attribute value "absmiddle"
line 225 column 16 - Warning: <img> lacks "alt" attribute
line 225 column 59 - Warning: <img> proprietary attribute value "absmiddle"
line 225 column 59 - Warning: <img> lacks "alt" attribute
line 225 column 102 - Warning: <img> proprietary attribute value "absmiddle"
line 225 column 102 - Warning: <img> lacks "alt" attribute
line 225 column 145 - Warning: <img> proprietary attribute value "absmiddle"
line 225 column 145 - Warning: <img> lacks "alt" attribute
line 225 column 188 - Warning: <img> proprietary attribute value "absmiddle"
line 225 column 188 - Warning: <img> lacks "alt" attribute
line 225 column 231 - Warning: <img> proprietary attribute value "absmiddle"
line 225 column 231 - Warning: <img> lacks "alt" attribute
line 226 column 23 - Warning: <img> lacks "alt" attribute
line 226 column 64 - Warning: <img> lacks "alt" attribute
line 226 column 113 - Warning: <img> lacks "alt" attribute
line 226 column 163 - Warning: <img> lacks "alt" attribute
line 227 column 11 - Warning: <img> lacks "alt" attribute
line 237 column 15 - Warning: <img> lacks "alt" attribute
line 257 column 11 - Warning: <img> lacks "alt" attribute
line 258 column 22 - Warning: <img> lacks "alt" attribute
line 258 column 63 - Warning: <img> lacks "alt" attribute
line 258 column 111 - Warning: <img> lacks "alt" attribute
line 258 column 161 - Warning: <img> lacks "alt" attribute
line 259 column 11 - Warning: <img> lacks "alt" attribute
line 269 column 15 - Warning: <img> lacks "alt" attribute
line 276 column 272 - Warning: <img> proprietary attribute value "absmiddle"
line 276 column 272 - Warning: <img> lacks "alt" attribute
line 283 column 11 - Warning: <img> lacks "alt" attribute
line 284 column 22 - Warning: <img> lacks "alt" attribute
line 284 column 63 - Warning: <img> lacks "alt" attribute
line 284 column 111 - Warning: <img> lacks "alt" attribute
line 284 column 161 - Warning: <img> lacks "alt" attribute
line 285 column 11 - Warning: <img> lacks "alt" attribute
line 295 column 15 - Warning: <img> lacks "alt" attribute
line 309 column 11 - Warning: <img> lacks "alt" attribute
line 310 column 23 - Warning: <img> lacks "alt" attribute
line 310 column 64 - Warning: <img> lacks "alt" attribute
line 310 column 113 - Warning: <img> lacks "alt" attribute
line 310 column 163 - Warning: <img> lacks "alt" attribute
line 311 column 11 - Warning: <img> lacks "alt" attribute
line 321 column 15 - Warning: <img> lacks "alt" attribute
line 330 column 787 - Warning: <img> lacks "alt" attribute
line 338 column 22 - Warning: <img> lacks "alt" attribute
line 338 column 63 - Warning: <img> lacks "alt" attribute
line 338 column 112 - Warning: <img> lacks "alt" attribute
line 338 column 162 - Warning: <img> lacks "alt" attribute
line 339 column 11 - Warning: <img> lacks "alt" attribute
line 349 column 15 - Warning: <img> lacks "alt" attribute
line 363 column 11 - Warning: <img> lacks "alt" attribute
line 364 column 22 - Warning: <img> lacks "alt" attribute
line 364 column 63 - Warning: <img> lacks "alt" attribute
line 364 column 111 - Warning: <img> lacks "alt" attribute
line 364 column 161 - Warning: <img> lacks "alt" attribute
line 365 column 11 - Warning: <img> lacks "alt" attribute
line 375 column 15 - Warning: <img> lacks "alt" attribute
line 392 column 43 - Warning: <img> proprietary attribute value "absmiddle"
line 392 column 140 - Warning: <img> proprietary attribute value "absmiddle"
line 392 column 244 - Warning: <img> proprietary attribute value "absmiddle"
line 401 column 25 - Warning: <img> lacks "alt" attribute
line 406 column 267 - Warning: <img> lacks "alt" attribute
line 149 column 50 - Warning: trimming empty <font>
line 386 column 17 - Warning: trimming empty <tr>
line 389 column 50 - Warning: trimming empty <font>
line 125 column 68 - Warning: <nobr> is not approved by W3C
line 141 column 68 - Warning: <nobr> is not approved by W3C
line 177 column 27 - Warning: <nobr> is not approved by W3C
line 216 column 27 - Warning: <nobr> is not approved by W3C
line 242 column 27 - Warning: <nobr> is not approved by W3C
line 244 column 74 - Warning: <table> proprietary attribute "height"
line 274 column 27 - Warning: <nobr> is not approved by W3C
line 300 column 27 - Warning: <nobr> is not approved by W3C
line 326 column 27 - Warning: <nobr> is not approved by W3C
line 328 column 74 - Warning: <table> proprietary attribute "height"
line 354 column 27 - Warning: <nobr> is not approved by W3C
line 380 column 27 - Warning: <nobr> is not approved by W3C
Info: Document content looks like HTML5
Info: No system identifier in emitted doctype
Tidy found 169 warnings and 0 errors!

The alt attribute should be used to give a short description
of an image; longer descriptions should be given with the
longdesc attribute which takes a URL linked to the description.
These measures are needed for people using non-graphical browsers.

For further advice on how to make your pages accessible
see http://www.w3.org/WAI/GL.
You are recommended to use CSS to specify the font and
properties such as its size and color. This will reduce
the size of HTML files and make them easier to maintain
compared with using <FONT> elements.

You are recommended to use CSS to control line wrapping.
Use "white-space: nowrap" to inhibit wrapping in place
of inserting <NOBR>...</NOBR> into the markup.

About HTML Tidy: https://github.com/htacg/tidy-html5
Bug reports and comments: https://github.com/htacg/tidy-html5/issues
Official mailing list: https://lists.w3.org/Archives/Public/public-htacg/
Latest HTML specification: http://dev.w3.org/html5/spec-author-view/
Validate your HTML documents: http://validator.w3.org/nu/
Lobby your company to join the W3C: http://www.w3.org/Consortium

Do you speak a language other than English, or a different variant of
English? Consider helping us to localize HTML Tidy. For details please see
https://github.com/htacg/tidy-html5/blob/master/README/LOCALIZE.md